Description
The Open FAIR™ Certification for People program is based upon Factor Analysis of Information Risk (FAIR), an open and independent information risk analysis methodology. FAIR provides a model for understanding, analyzing, and measuring information risk. The Open Group has published two standards based upon FAIR, which together constitute the Open FAIR Body of Knowledge:
- Risk Taxonomy Technical Standard (O-RT). This standard defines a standard taxonomy of terms, definitions, and relationships used in risk analysis.
- Risk Analysis Technical Standard (O-RA). This standard describes process aspects associated with performing effective risk analysis.
Transform how you model, measure, and manage cyber risk.
Our FAIR-certified experts will help you prioritize your IT security investments, improve governance and increase your organization's cyber resilience with our risk-based CRQ Solutions.
The Open FAIR Certification Program provides certification for people and accreditation of training courses:
- Open FAIR Certification for People is a market-driven education and certification program that ensures individuals have knowledge and understanding of the Open FAIR Body of Knowledge.
- Open FAIR Training Course Accreditation provides an assurance mark for training courses and requires an assessment of the course as well as the personnel and organization. In addition, all accredited training courses include the examination in their course fee.
FAQ : Cartographie des risques
Qu’est-ce qu’une cartographie des risques ?
La cartographie des risques, ou risk mapping, est un outil de gestion des risques qui se présente sous la forme d’un tableau. Les risques y sont classés selon leur probabilité et leur impact, du plus faible au plus grave.
Comment réaliser une cartographie des risques ?
Le risk mapping suit généralement une méthode en 4 étapes : identification des activités phares de la structure, recensement des risques qui la menacent, évaluation de leur probabilité et de leur impact, élaboration des mesures de détection et de protection. Cette démarche varie cependant selon différentes écoles théoriques.
Pourquoi faire une cartographie des risques ?
Le risk mapping permet d’identifier les situations problématiques pour l’activité, voire pour la survie de l'entreprise. C’est un graphique lisible simplement, qui aide à prendre des décisions pertinentes en termes de gestion du risque.
Share this article
We build scalable solutions to quantify cyber risk in financial terms so organizations can make informed decisions to improve governance and resilience.
